A "security policy" may be ineffective without a "security culture" - (Evidence) According to Ponemon’s 2019 State of Password and Authentication Security Behaviors Report, extremely poor password management habits by those in IT are making a hacker’s job much easier.

51% reuse the same password across an average of five business and/or personal accounts. It seems "Eating your own dog food" does not apply to IT


This is in line with LastPass’s 2018 findings where 50% of users use the same passwords for work and personal accounts


https://blog.knowbe4.com/a-hackers-dream-half-of-it-admins-reuse-passwords-across-multiple-accounts